SynopsisThe remote Windows host contains a version of Adobe AIR that is affected by multiple vulnerabilities.
DescriptionThe remote Windows host contains a version of Adobe AIR that is earlier than 2.5.1. Such versions are affected by multiple vulnerabilities:
- An error exists in the validation of input and, with certain server encodings, lead to a violation of cross- domain policy file restrictions. (CVE-2010-3636)
- An unspecified error exists which can lead to a denial of service. (CVE-2010-3639)
- An error exists in the library loading logic and can lead to arbitrary code execution. (CVE-2010-3976)
- There exist multiple memory corruption vulnerabilities which can lead to arbitrary code execution.
(CVE-2010-3637, CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, CVE-2010-3652, CVE-2010-3654)
SolutionUpgrade to Adobe AIR 2.5.1 or later.